Get access token
- 16 Jul 2023
- 1 Minute to read
- Print
- DarkLight
- PDF
Get access token
- Updated on 16 Jul 2023
- 1 Minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
The REST APIs in C3 are secured by OAuth2.0 based authentication against Azure Active Directory. The APIs expect a valid access token sent as “bearer” token in the request header for the key named Authorization.
Access token can be obtained non-interactively / silently (best suited for apps that run as background jobs or client applications that don’t require user intervention) by calling the Microsoft API with the below detail:
URL
POST https://login.microsoftonline.com/{{tenantID}}/oauth2/token
{{tenantID}} should be replaced with 08e91d7e-4f3f-49a0-8973-8b2547341ec7
Request headers
Key | Value |
Content-Type | application/x-www-form-urlencoded |
Request body
Key | Value |
grant_type | client_credentials |
client_id | <to-be-provided-offline> |
client_secret | <to-be-provided-offline> |
scope | <to-be-provided-offline> |
resource | <to-be-provided-offline> |
Response body
The sample response for the request to the API to get access token looks like below:
{
"token_type": "Bearer",
"expires_in": "3599",
"ext_expires_in": "3599",
"expires_on": "1587227232",
"not_before": "1587223332",
"resource": "001dfc3c-1cbf-406e-b592-de9f67f5ab62",
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IllNRUxIVDBndmIwbXhvU0RvWWZvbWpxZmpZVSIsImtpZCI6IllNRUxIVDBndmIwbXhvU0RvWWZvbWpxZmpZVSJ9.eyJhdWQiOiI1MDg3NTRiNi0xYmY0LTQ1NzgtYjc0Zi01NWE5YWE3ODVhN2IiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8wOGU5MWQ3ZS00ZjNmLTQ5YTAtODk3My04YjI1NDczNDFlYzcvIiwiaWF0IjoxNTg3MjIzMzMyLCJuYmYiOjE1ODcyMjMzMzIsImV4cCI6MTU4NzIyNzIzMiwiYWlvIjoiNDJkZ1lBZ0krMlh4TVhCZXpPTHpqcXZmZmZHK0R3QT0iLCJhcHBpZCI6Ijk4MTVmNjFhLWJkNjgtNDBiYi1hYzYwLTU3Y2IwYzk1ODg1NCIsImFwcGlkYWNyIjoiMSIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzA4ZTkxZDdlLTRmM2YtNDlhMC04OTczLThiMjU0NzM0MWVjNy8iLCJ0aWQiOiIwOGU5MWQ3ZS00ZjNmLTQ5YTAtODk3My04YjI1NDczNDFlYzciLCJ1dGkiOiJMVmIzV3dVNGgwZWkxUkJ4U1Q1WUFBIiwidmVyIjoiMS4wIn0.OGpXRfV_9g9IBVDLYCpzDYVnKOexdPdB72yZE8gd30xwpjqjJjEa1r0SKAmbxX3xpWZ4RxZVYW2KvXne0iA_F3wK7KLfxuRmh3-YYk5bo_8FPbLWFxcPGwZt1vLib-0DWuyfUu_90IZ_fzlxSBuuh4B-U0hEzZ-m2vqKBtpeehLT2-_LjkEdraB9rsDJi2eQCF6EbasFpEgMqiq61ysT1hiE_E2Pq5WJqAEKkphHdOwdWZxyBeM6mc_JTpg7hEGiCtQ5W5KooWCjFiBwx2meUJBXxcfnP5JTIo10sTkiTmBmRGz9sKwUjJrf75REzBWUxPJGZQ8bSJNkpLRZzJ8Rdw"
}The value for the property named access_token should be saved as it will be used in the requests to the C3 REST APIs.
Was this article helpful?
